What Is a Security Operations Center (SOC)?
Tier 1 – Triage
Triage is the first level of the SOC. Tier 1 personnel are responsible for triaging incoming security incidents and determining their severity. This includes identifying the source of the incident, determining its scope and assessing its impact.
Tier 2 – Investigation
Investigation is the second level of the SOC. Tier 2 personnel are responsible for investigating security incidents and determining their root cause. This includes analyzing logs, network traffic and other data sources to identify the source of the incident. Tier 2 personnel are also responsible for providing detailed incident reports and recommendations for remediation.
SIEM
Network Intrusion Detection System (NIDS)
Network Intrusion Prevention System (NIPS)
Security Orchestration, Automation and Response (SOAR)
Security Analytics Platforms
Endpoint Detection and Response (EDR)
Vulnerability Management Solutions
Data Loss Prevention (DLP)
Identity and Access Management (IAM)
Firewalls